{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c98798d0-661a-5d7a-8b40-648b5c8f2cdc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-project", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:18f3580d-ceef-5d35-8d20-f92646972b41", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88b35bac-2d73-566d-adc1-6d66ad36634b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:343287e5-9693-5493-bf80-cb51932d61d2", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dba7b4e2-ea17-500d-9cff-7acfe713044b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36324abc-8223-5b46-8b97-0aa937c88bc6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d9ab728-9a28-5303-b4aa-1736306888f3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96c116fa-b59d-5837-bdf1-8bf2d7e9eea9", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7df279ad-932b-5b37-bf5a-5376754676ff", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d28b7db-0e3c-5cc1-b670-9c51b95602fc", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dffa22d-57ca-5afa-be0e-67ac27e101c4", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38a1785c-5338-5777-bfc6-2e8ffc191a7a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c402eb3c-7540-52a1-ac53-c9b5e4183d28", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52aaf4f5-0acf-5eeb-9ce8-496f9aa7cc43", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0fa2cb0-f59f-5fab-997b-ac8f5c828947", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c437bbed-9b13-55d1-836c-060d39f831b0", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fcbcae0-a958-5954-98b7-8bef3074b278", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:757ccdaa-fa11-5163-94c9-019c7c484a40", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.1" } ] }